September 22, 2017, Friday, 264

IPv6

出自TYRC

跳轉到: 導覽, 搜尋

目錄

桃園區網IPv6列表

  • Tatoal Range 2001:288:3000::/39
桃園區網2001:288:3000::/48routing OKhttp://www.tyrc.ncu.edu.tw (dual stack)dns OK
國立中央大學2001:288:3001::/48routing OKhttp://www.ncu.edu.tw (dual stack)
http://www.cc.ncu.edu.tw (dual stack)
dns OK
國立臺灣體育大學(桃園)2001:288:3002::/48
中原大學2001:288:3003::/48routing OK
元智大學2001:288:3004::/48routing OK
銘傳大學2001:288:3005::/48routing OKdns OK
健行科技大學2001:288:3006::/48routing OKdns OK
萬能科技大學2001:288:3007::/48routing OKdns OK
開南大學2001:288:3008::/48routing OKdns OK
桃園創新技術學院2001:288:3009::/48routing OK
中央警察大學2001:288:300A::/48routing OKhttp://www.cpu.edu.tw/dns OK
國防大學2001:288:300B::/48routing OKhttp://www.ndu.edu.tw/dns OK
新生醫校2001:288:300C::/48
陸軍專科學校2001:288:300E::/48routing OKhttp://www.aaroc.edu.tw/dns OK
陸軍後勤學校2001:288:300F::/48
私立大華高級中學2001:288:3010::/48
私立復旦高級中學2001:288:3011::/48
國立內壢高級中學2001:288:3012::/48
國立桃園高級農工職業學校2001:288:3013::/48
私立新興高級中學2001:288:3014::/48routing OK dns OK
私立治平高級中學2001:288:3015::/48routing ok
私立育達高級中學2001:288:3016::/48
私立至善高級工商職業學校2001:288:3017::/48
國立楊梅高級中學2001:288:3018::/48
桃園啟智學校2001:288:3019::/48routing OK
國立陽明高級中學2001:288:301A::/48
國立中壢高級商業職業學校2001:288:301B::/48routing OKhttp://ipv6.clvsc.tyc.edu.twdns OK
國立中壢高級家事職業商業學校2001:288:301C::/48
私立永平高級工商職業學校2001:288:301D::/48
國立中壢高級中學2001:288:301E::/48
私立清華高級中學2001:288:301F::/48
私立大興高級中學2001:288:3020::/48
私立啟英高級中學2001:288:3021::/48
私立六和高及中學2001:288:3022::/48
國立桃園高級中學2001:288:3023::/48
私立成功高級工商職業學校2001:288:3024::/48
私立振聲高級中學2001:288:3025::/48
國立龍潭高級農工職業學校2001:288:3026::/48
國立武陵高級中學2001:288:3027::/48
私立方曙高級商工職業學校2001:288:3028::/48
私立泉僑高級中學2001:288:3029::/48
核能研究所2001:288:302A::/48routing OKhttp://www.iner.gov.tw dns OK
國防大學理工學院2001:288:302B::/48routing OKhttp://www.ccit.ndu.edu.tw/dns OK
北區教育雲2001:288:3100::/48routing OKdns OK
桃園市網2001:288:3200::/48routing OKhttp://www.tyc.edu.twdns OK
桃園縣楊明國小2001:288:3360::/48routing OKhttp://www.ymps.tyc.edu.tw/dns OK
連江縣網2001:288:3600::/48routing OKhttp://www.matsu.edu.tw/dns OK
金門縣網2001:288:3400::/48routing OKhttp://www.km.edu.tw/dns OK

IPv6 6to4 tunneling

各類系統之安裝

XP

  • 安裝
    • ipv6 install
  • 設定固定 ipv6 address
    • netsh interface ipv6 add address "區域連線" 2001:288:3001::5:9
  • 設定 ipv6 dns
    • netsh interface ipv6 add dns "區域連線" 2001:288:3001:1:230:48ff:fe2b:a3b3 index=1
    • index=1 是指第一個dns
  • 刪除 ipv6 dns 設定
    • netsh interface ipv6 delete dns "區域連線" all

桃園區網 IPv6 DNS Smokeping 監看

桃園區網 IPv6 MRTG 連線流量監看


[困難度]

  • TANET 區網 Cisco 6509 router 未支援 IPv6-MIB
    • 無法設定 mrtg configuration 擷取
      • ipv6IfStatsInOctets
      • ipv6IfStatsOutOctets


[先前作法]

  • 強制的 IPv6 MRTG 連線流量監測
    • 每一區/縣網中心 一 IPv6 GigaEthernet 連線
    • Routing 區/縣網中心IPv6 traffic 往該介面
  • 設定 /執行 mrtg 提供連線 IPv6 流量監看
    • SNMP 介面 (Interface) MIB : IfInputOctet/ IfOutputOctet

[桃園區網作法]

  • 遠端連線 router,執行 show interface accounting
# show interface accounting” 
 
GigabitEthernet2/8 ### 國立中央大學 ###
        Protocol    Pkts In   Chars In   Pkts Out  Chars Out
                 IP 1654364275530 1003146055719738 885231569418 590190241240774
                 DEC MOP          0          0      48709    6283461
                  ARP     305354   18321240     739678   82843936
                  IPv6   17637976 9652740892 3709526564 4112091137764

GigabitEthernet2/9 TYC-to-CYCU (140.135.0.0)
                Protocol    Pkts In   Chars In   Pkts Out  Chars Out
                 IP 772909362921 366967798769448 580600995235 312548112347136
                 DEC MOP          0          0      48711    6283719
                 ARP      24395    1463700      69849    7823088
                 IPv6         57       5554     154624   26273960


  • 擷取介面之IPv6 InputOctets, OutputOctet
    • shell script
#!/usr/bin/perl
use Net::Telnet::Cisco;
  my $session = Net::Telnet::Cisco->new(Host => '203.72.x.x');
  $session->login(‘test_username', ‘test_password');
  # Execute a command
  my @output = $session->cmd('show interface accounting');
  print @output;
$session->close;


  • 設定 mrtg (讀取介面之IPv6 InputOctets, OutputOctet)
    • shell script
#!/bin/bash
# 提供ipv6 inoctet/outoctet to mrtg configure

y=`date +%Y`
d=`date +%m%d%H`
m=`date +%M`
m=`expr $m / 10`
d="$d""$m""0"

# 1. ipv6 inoctet/outoct
echo `cat /home/Expect/IPv6/$d | grep GigabitEthernet2/8 |awk '{print $3}'`
echo `cat /home/Expect/IPv6/$d | grep GigabitEthernet2/8 |awk '{print $4}'`
# 2. UpTime & interface name
  UPtime=`/usr/bin/uptime | awk '{print $3 " " $4 " " $5}'`
  echo $UPtime
  echo "GigabitEthernet2/8"


    • mrtg.cfg
# Multi Router Traffic Grapher -- Sample Configuration File
# Global configuration
WorkDir: /opt/apache-tomcat-6.0.20/webapps/ROOT/mrtg
WriteExpires: Yes
Language: utf8
Title[^]: Traffic Analysis for IPv6 links

Target[giga28]: `/home/mrtg-2.17.2/bin/mrtg.ipv6_28.sh`
MaxBytes[giga28]: 10000000000
Options[giga28]:  growright, nopercent
YLegend[giga28]: Bits per second
ShortLegend[giga28]:
LegendO[giga28]:   IPv6 Output
LegendI[giga28]:   IPv6 Input
Title[giga28]:  IPv6 Traffic for GigabitEther 2/8 link
PageTop[giga28]: <H1> GigabitEther 2/8</H1>
 <TABLE>  <TR><TD>System:</TD> <TD>TYRC GigabitEther 2/8</TD></TR> </TABLE>

Target[giga29]: `/home/mrtg-2.17.2/bin/mrtg.ipv6_29.sh`
MaxBytes[giga29]: 10000000000
Options[giga29]: growright, nopercent
YLegend[giga29]: Bits per second
ShortLegend[giga29]:
LegendO[giga29]:   IPv6 Output
LegendI[giga29]:   IPv6 Input
Title[giga29]:  IPv6 Traffic for GigabitEther 2/9 link
PageTop[giga29]: <H1> GigabitEther 2/9</H1>
 <TABLE>   <TR><TD>System:</TD>     <TD>TYRC GigabitEther 2/9</TD></TR> </TABLE>
...


  • cron 執行 mrtg 提供各介面IPv6 流量監看

#*/10 * * * * /home/Expect/expect.sh >> /home/Expect/log_
*/10 * * * * /usr/bin/perl /home/Expect/show_ipv6.pl >> /dev/null
*/10 * * * * /home/Expect/run.sh >> /home/Expect/logs/expect
8-58/10 * * * *  env LANG=C /home/mrtg-2.17.2/bin/mrtg /home/mrtg-2.17.2/bin/mrtg.cfg  > /dev/null


桃園區網 IPv6 TopN 量測

[困難度]

  • TANET 區網 Cisco 6509 router Netflow (version 5)
    • 僅支援 IPv4 traffic log
    • 未支援 IPv6 traffic log (higher than version 9)


[IPv4 TopN Traffic]

  • 啟動區網Router Netflow
  • 設定各Interface log Netflow data
  • 設定 router 將 Netflow log 送往 Collector server (IP address).
  • Collector server 收取 Netflow log, 據以統計TopN user


[IPv4 TopN Traffic]

  • 量測環境的建置
    • Router
      • Mirror traffic to the delicated interface
    • Collector
      • Snoop packet context with tcpdump
      • Do the accounting


[IPv6 流量統計]

  •  分散式流量統計/監測
    • 須處裡 龐大的 dump packet data
  • Hadoop-based mapreduce 程式
    • Simplify data processing and large clusters
      • Hide the messy detail of parallelization
      • Fault-tolerance
      • Distribution
      • Load balance


  • Account TopN IPv6 Traffic
package framework;

import java.io.*;
import java.util.*;

import Filter.*;

import org.apache.hadoop.fs.Path;
import org.apache.hadoop.conf.*;
import org.apache.hadoop.io.*;
import org.apache.hadoop.mapreduce.*;
import org.apache.hadoop.util.*;
import org.apache.hadoop.mapreduce.lib.input.*;
import org.apache.hadoop.mapreduce.lib.output.*;
import org.apache.hadoop.mapreduce.lib.partition.*;
//import org.apache.commons.logging.*;

/*Network Flow Monitor - Main class*/
public class NFM extends Configured implements Tool{

        public static BufferedInputStream input;
        public static Pcapfilter pf;
        public static Ethernetfilter ethf;
        public static IPfilter ipf;
        public static IPv6filter ip6f;
        public static TCPfilter tcpf;
        public static UDPfilter udpf;
        public static byte [] buf;
        public static int offset;
        public static TreeMap<String, packetIndex> pit;
        public static double StartTime;
        //public static Log log = LogFactory.getLog(Map.class);

        public static void initialize()
        {
                //initialize common filters
                pf = new Pcapfilter();
                ethf = new Ethernetfilter();
                ipf = new IPfilter();
                ip6f = new IPv6filter();
                tcpf = new TCPfilter();
                udpf = new UDPfilter();
                pit = new TreeMap<String, packetIndex>();
        }

        //Map Reduce process
        public static class Map extends Mapper<LongWritable, BytesWritable, Text, Text>
        {
                //private final static IntWritable one = new IntWritable(1);
                public static byte [] buf;
                public Text word = new Text();
                public Text one = new Text();

                public void map(LongWritable key, BytesWritable value, Context context) throws IOException, InterruptedException
                {
                        initialize();
                        int offset = 0;
                        //System.out.printf("Read %d bytes\n", length);
                        //System.out.println("Value: "+value.toString());
                        ByteArrayInputStream bis = new ByteArrayInputStream(value.getBytes());

                        packetIndex tmppkt=new packetIndex(key.get());
                        //Read the Ethernet header
                        buf = new byte[14];
                        bis.read(buf, offset, 14);
                        ethf.invokeFilter(buf);
                        if ( ethf.findtype() != -1)
                        {
                                tmppkt.insertMAC(ethf.getSrcMAC(), ethf.getDestMAC());
                                switch (ethf.findtype())
                                {
                                        case 0x800 : //Read the IP header
                                                buf = new byte[20];
                                                bis.read(buf, offset, 20);
                                                ipf.invokeFilter(buf);
                                                break;
                                        case 0x86dd :
                                                buf = new byte[40];
                                                bis.read(buf, offset, 40);
                                                ip6f.invokeFilter(buf);
                                                tmppkt.insertIP(ip6f.getSrcIP(), ip6f.getDestIP());
                                                tmppkt.makeKey();
                                                break;
                                }

                                if (ethf.findtype() == 0x800 && ipf.findtype() != -1 && !ipf.isBroadcast())
                                {
                                        tmppkt.insertIP(ipf.getSrcIP(), ipf.getDestIP());

                                        buf = new byte[ipf.l4length()];
                                        bis.read(buf, offset, ipf.l4length());
                                        switch (ipf.findtype())
                                        {
                                                case 0x06:      tcpf.invokeFilter(buf);
                                                                        tmppkt.insertPort(tcpf.getSrcPort(), tcpf.getDestPort());
                                                                        tmppkt.insertAPP(tcpf.getApp());
                                                                        break;
                                                case 0x11:      udpf.invokeFilter(buf);
                                                                        tmppkt.insertPort(udpf.getSrcPort(), udpf.getDestPort());
                                                                        tmppkt.insertAPP(udpf.getApp());
                                                                        break;
                                        }
                                        tmppkt.setL4type(ipf.findtype());
                                        tmppkt.makeKey();
                                        //combinePkt(tmppkt);
                                }
                        }
                        /*Catch the content*/
                        if (tmppkt.getKey().length() > 0)
                        {
                                if (ethf.findtype() == 0x86dd)
                                {
                                        //For IPv6 traffic
                                        word.set(ip6f.getSrcIP());
                                        one.set(ip6f.getInput(ip6f.getSrcIP())+"_"+ip6f.getOutput(ip6f.getSrcIP()));
                                        context.write(word, one);
                                        word.set(ip6f.getDestIP());
                                        one.set(ip6f.getInput(ip6f.getDestIP())+"_"+ip6f.getOutput(ip6f.getDestIP()));
                                        context.write(word, one);
                                }
                                else
                                {
                                        //For IPv4 traffic, Now we only concern about IP traffic
                                        //word.set(tmppkt.getKey());
                                        word.set(ipf.getSrcIP());
                                        one.set(ipf.getInput(ipf.getSrcIP())+"_"+ipf.getOutput(ipf.getSrcIP()));
                                        context.write(word, one);
                                        word.set(ipf.getDestIP());
                                        one.set(ipf.getInput(ipf.getDestIP())+"_"+ipf.getOutput(ipf.getDestIP()));
                                        context.write(word, one);
                                }
                        }
                        else
                        {
                                word.set("Unknown Protocol");
                        }
                        //log.info("Mapper test");
                        //context.write(word, one);
                }
        }
        public static class Reduce extends Reducer<Text, Text, Text, Text>
        {
                protected void reduce(Text key, Iterable<Text> values, Context context) throws IOException, InterruptedException
                {
                        int input = 0, output = 0, sum=0;
                        //String [] keyItem = key.toString().split("_");
                        for (Text val : values)
                        {
                                String [] keyItem = val.toString().split("_");
                                input += Integer.parseInt(keyItem[0]);
                                output += Integer.parseInt(keyItem[1]);
                                sum =input+output;
                        }
                        context.write (key, new Text(input+"_"+output+"_"+sum));
                }
        }


        public static class KeyComprator extends WritableComparator {

                 protected KeyComprator() {
                         super(Text.class, true);
                 }

                 @Override
                 public int compare(WritableComparable w1, WritableComparable w2) {

                         Text t1 = (Text) w1;
                         Text t2 = (Text) w2;
                         String[] t1Items = t1.toString().split("_");
                         String[] t2Items = t2.toString().split("_");
                         String t1Base = t1Items[0];
                         String t2Base = t2Items[0];
                         int v1=Integer.parseInt(t1Items[1]);
                         int v2=Integer.parseInt(t2Items[1]);

                         int comp = t1Base.compareTo(t2Base);
                         int comp2 = v1-v2;
                         if (comp == 0)
                                 comp = comp2;
                         //System.out.println(t1Base+"_"+t2Base+", "+v1+"_"+v2+", "+comp);
                         //return (comp2==0) ? t1.compareTo(t2) : (v1<v2) ? 1 : -1;
                         return comp;
                 }
         }

        public static class GroupComprator extends WritableComparator {

                 protected GroupComprator() {
                         super(Text.class, true);
                 }

                 public int compare(WritableComparable w1, WritableComparable w2) {
                        //consider only ip part of the key
                         Text t1 = (Text) w1;
                         Text t2 = (Text) w2;
                         String[] t1Items = t1.toString().split("_");
                         String[] t2Items = t2.toString().split("_");
                         String t1Base = t1Items[0];
                         String t2Base = t2Items[0];
                         int comp = t1Base.compareTo(t2Base);
                         return comp;
                 }
         }

        public static class trafficPartitioner extends Partitioner<Text, IntWritable> implements Configurable
        {
                private Configuration conf;
                 public int getPartition(Text key, IntWritable NullWritable, int numPartitions)
                 {
                        //consider only ip address part of the key
                         String[] keyItems = key.toString().split("_");
                         String keyBase = keyItems[0];
                         int part = (keyBase.hashCode()*127) % numPartitions;
                         return part;
                 }

                public Configuration getConf() {
                        return conf;
                }

                public void setConf(Configuration arg0) {
                        this.conf=arg0;

                }

        }


        public static void main(String[] args) throws Exception
        {
                int res = ToolRunner.run(new Configuration(), new NFM(), args);
                System.exit(res);
        }

        public int run(String[] args) throws Exception
        {
                //System.out.println("run");
                Configuration conf = new Configuration();

            Job job = new Job(conf, "Network flow analysis");
            job.setJarByClass(NFM.class);

            job.setMapOutputKeyClass(Text.class);
            job.setMapOutputValueClass(Text.class);

            //job.setPartitionerClass(trafficPartitioner.class);
            //job.setGroupingComparatorClass(GroupComprator.class);
            //job.setSortComparatorClass(KeyComprator.class);

            job.setOutputKeyClass(Text.class);
            job.setOutputValueClass(Text.class);

            job.setMapperClass(Map.class);
            job.setCombinerClass(Reduce.class);
            job.setReducerClass(Reduce.class);


            job.setInputFormatClass(pcapInputFormat.class);
            job.setOutputFormatClass(TextOutputFormat.class);
            /* The right number of reduces seems to be 0.95 or 1.75 multiplied by (<no. of nodes> * mapred.tasktracker.reduce.tasks.maximum).
                   With 0.95 all of the reduces can launch immediately and start transferring map outputs as the maps finish.
                   With 1.75 the faster nodes will finish their first round of reduces and launch a second wave of reduces doing a much better job o
f load balancing.
             */
            //job.setNumReduceTasks(1);

            FileInputFormat.addInputPath(job, new Path(args[0]));
            FileOutputFormat.setOutputPath(job, new Path(args[1]));

                return (job.waitForCompletion(true))?1:0;
        }
}



[結果輸出]


            IP_Address                                       Input       Output      Total

163.25.154.253  58420510  1897610  60318120
163.25.34.254   43487829  3643965  47131794
203.72.112.254  40080421  2671922  42752343
210.240.213.8   32735378  1911621  34646999
210.59.40.2     32616494  847838  33464332
210.60.160.200  17220466  9630903  26851369
203.71.234.252  22823684  367933  23191617
2001:288:3006:b:bc99:a46f:2c6d:26c7     22314029  322889  22636918
2404:6800:4008:3:0:0:0:12       283976  21678608  21962584
210.240.213.9   18312635  664980  18977615
163.28.5.24     108361  15448730  15557091
163.25.14.89    15418208  107495  15525703
115.69.195.149  119676  15069280  15188956
203.71.2.67     13939636  579238  14518874
210.59.42.253   14013659  282512  14296171
203.72.33.253   9809995  4179210  13989205
74.125.101.182  102104  13825451  13927555
140.127.177.17  153124  13659273  13812397
139.175.236.224 135784  12548992  12684776
203.68.248.149  11534285  1118224  12652509
202.169.175.84  103368  11889632  11993000
210.240.213.13  9068744  878085  9946829
203.68.249.250  8920430  593875  9514305
203.71.236.141  8718116  654553  9372669
203.69.113.92   29912  9328167  9358079
2001:288:3281:0:1439:56ec:d7d8:d450     8684276  81560  8765836
203.71.2.73     6088126  2613256  8701382
210.70.28.183   8271001  148283  8419284
210.240.213.38  5825374  2349402  8174776
210.60.236.8    6300033  1293510  7593543
202.169.174.210 65952  7404474  7470426
63.80.242.34    69109  7201647  7270756
2404:6800:4008:2:0:0:0:7        54624  7178788  7233412
2001:288:3006:e:6de1:3b00:6ad2:4511     7178768  54604  7233372
2404:6800:4008:2:0:0:0:8        49080  7114236  7163316
2001:288:3006:a:9cde:b814:735f:e2f5     7114236  49080  7163316
202.169.175.81  48536  7064600  7113136
116.214.13.252  80679  6984805  7065484
2404:6800:4008:2:0:0:0:9        0  6977880  6977880
2001:288:3001:23:2d96:bf83:a7c3:b700    6977880  0  6977880
2404:6800:4008:2:0:0:0:6        48060  6878853  6926913
2404:6800:4008:3:0:0:0:d        0  6907748  6907748
2001:288:3001:23:b44c:ff76:cdf0:9017    6907748  0  6907748
163.25.13.81    6777605  122919  6900524
163.28.5.10     79473  6806730  6886203
61.219.1.110    59394  6711672  6771066
119.160.254.215 378805  6311421  6690226
202.169.174.211 61632  6589360  6650992
50.23.186.230   82767  6537097  6619864
163.30.41.135   85989  6372399  6458388
119.160.254.197 354194  6081826  6436020
140.111.1.35    50645  6318512  6369157
2404:6800:4008:3:0:0:0:9        66007  6054549  6120556
2001:288:3611:1:d1d3:e37e:b952:e4fb     6054549  58567  6113116
2404:6800:4008:3:0:0:0:a        0  6085314  6085314

...